Subscribe to our Threatpost Today newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

*

*

I agree to my personal data being stored and used to receive the newsletter

*

I agree to accept information and occasional commercial offers from Threatpost partners

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Women in Cyber Take the Spotlight

Women are key to solving the workforce shortage, which is expected to reach 3.5 million open jobs by 2022.

As the cybersecurity industry continues to struggle to meet a workforce gap – an estimated 3.5 million jobs are expected to remain unfilled by 2021 – it’s clear that encouraging women and those from diverse backgrounds to pursue careers in the field will be a key factor in staying ahead of the threat landscape. Changes at the RSA conference, scheduled for early March in San Francisco, along with a handful of large companies stepping up to the plate with training and recruitment efforts, show that the industry may finally be getting serious about addressing the issue.

While diversity in general is an issue in tech, women are particularly underrepresented. They hold about 26 percent of tech jobs according to a research report by The American Association of University Women (AAUW), and in cybersecurity specifically that drops to just 11 percent of roles globally being held by women according to the (ISC)2 2017 Global Information Security Workforce: Women in Cyber Security study.

[Interested in the issue of women in cyber? Register for the free Threatpost webinar, “The Future is Female: Solving the Workforce Challenge,” to learn about why recruiting women is critical to the future of the industry. It takes place Dec. 12 at 2 p.m. ET.]

Aiming to create role models for others considering a career in infosecurity, some of the women that do work in cyber were recently thrust into the spotlight with Forbes’ U.S. list of the 50 Top Women in Technology.

The honorees come from a wide range of sectors, including enterprise and consumer technology, gaming, artificial intelligence, aerospace and biotech, among others. Among them are four cybersecurity leaders: Celeste Fralick, chief data scientist at McAfee; Laura Mather, cofounder at Silver Tail Systems; Katie Moussouris, CEO and founder at Luta Security; and Tal Rabin, head of the Cryptography Research Group for the Thomas J. Watson Research Center at IBM.

Also, RSAC, after facing enormous criticism for women representing just 20 percent of the speaker lineup at its last outing and 25 percent of keynotes), in November announced that it is shying away from all-male panels and would be encouraging companies to diversify their representatives to the conference, among other changes.

Against this backdrop of an increased focus on women already working in the field, a range of organizations are rolling out efforts to attract new women and girls to the mix.

For instance, IBM and Florida International University recently did their part by inviting more than 200 girls from seven different schools across Miami-Dade for “IBMCyberDay4Girls,” a one-day conference that educates young women in fifth grade up to eleventh grade about cybersecurity — from how to protect yourself on social media to what careers are available in cybersecurity.

“We have a huge shortage of cybersecurity professionals, and this is a very good way for them to start getting interested. They see how different aspects of cybersecurity affect their personal lives and their families,” said Helvetiella Longoria, CISO at FIU. “We hope to continue to encourage and support female students to pursue interests in cybersecurity. Through these programs and our continued partnership with IBM, we hope to provide a voice in guiding and fostering them in this direction.”

The Cisco Women in Cybersecurity mentoring program meanwhile reaches out to girls in middle school, high school and college and runs recruitment programs for jobs at the networking giant. The program also connects students externally with other organizations.

And Apple said in late November that it would launch a new program designed to address the scarcity of women in tech executive and computer programming jobs. Beginning in January, female entrepreneurs and programmers will attend two-week tutorial sessions at the company’s Cupertino headquarters; these will run every three months.

These and other industry efforts are important in dispelling the stereotypes that exist around cyber and tech jobs – a key factor in the lack of diversity.

“One myth [about cybersecurity] is that to work in it, you have to be hacker or a coder and that it’s just for boys. The other is that everybody thinks that you have to have a computer science degree, and that’s just not true. We need people with all sorts of skills,” said IBM’s academic outreach leader, Heather Ricciuto.

(Want to know more about the key role of women in cyber? Register for the free Threatpost webinar, “The Future is Female: Solving the Workforce Challenge,” to learn about why recruiting women is critical to the future of the industry. It takes place Dec. 12 at 2 p.m. ET.)

Discussion

I have to respectfully disagree with some things in this article. I have many years of experience as a Software Engineer (C+++, C#, Assembly) and in detecting, eradicating, and recovery from every type of malware on endpoint workstations. I am CompTIA certified in Security+ and CySA+. I've been trying to get into a Cyber Security career, but if you don't have any NOC (Network Operations Center) experience, then you are only qualified as a help desk specialist; despite all these experts stating that there is a severe shortage of Cypber Security experts. The IT industry is short-changing itself. Even the DOD wouldn't accept my qualifications. In addition, the entry-level positions, on top of demanding some NOC experience, don't pay better than a McDonald's manager. Fact is, our government is trying to take IT Security seriously, but the corporate networks are not serious about it and won't be until it bites them in the arse.

Look up the gender paradox. The more society pushes women to join STEM fields, the fewer women will end up in STEM fields. This is what has happened in Scandinavia.
That's right, by pushing this "women in STEM" narrative, you'll get the opposite result.

While I agree that women need to start expanding and exploring new roles and opportunities, they won't fill the gap we are seeing. The real issue lies within the realm of wanting to do cybersecurity. Men and women both lack interest in these roles and if we continue to push people to fill the gaps, then we will get a serious overflow of lackluster people that can cause harm, not good.

I agree with Dave, I'm also a qualified IT tech, but the requirements for jobs out there, wow, I think is improbable that they can find someone with all those skills they want at the salary they offer. Many of the professionals I graduated with have switched careers because they could not find a job in IT, and yet we keep hearing about this skills shortage.

You have put your finger on something important - my wife and I have worried about this for a long time: what if there just aren't enough people - regardless of gender, ethnicity, etc. - who want to "do" digital security? We have to be open to the fact that might be the case. However, one reason that I am hopeful about women in security is that I don't see the same reluctance there. But that is anecdotal and I might be wrong. It is definitely a topic that needs further research.

Authors

Threatpost

InfoSec Insider Post

InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Post

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.